On 15/06/2017 16:47, Dot Yet wrote: > On Thu, Jun 15, 2017 at 9:12 AM Maurice McCarthy <mansel...@gmail.com> > wrote: > >> Hi, >> >> $ xauth list >> ... >> advancedsearch.virginmedia.com:0 MIT-MAGIC-COOKIE-1 >> f3aa08ed0926482c51f5cb386e28a0ea >> >> >> Virgin Media is my ISP. Is this an intrusion into my system please? I >> ran xauth remove ... just for the sake of it anyhow. >> >> Thanks >> Moss > > > Maybe. Are there other hints in the system log files, history files around >> someone trying to authenticate or execute commands? Was there a possibility >> that there was a screen sharing session done for any kind of support >> activities (would not be the case as you are already suspecting intrusion). >>
More likely you typo'd adding a host, advancedsearch is what NXDOMAIN queries get directed to, just turn it off on my virgin media
